Let us help you improve your English

Data Security

  1. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. DATA RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for [six] years after they cease being customers for [tax] purposes.

In some circumstances you can ask us to delete your data: see Your legal rights below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

  1. YOUR LEGAL RIGHTS

Unless subject to an exemption under the data protection laws, you have the following rights with respect to your personal data:

  • The right to request a copy of the personal data which we hold about you;
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary to retain such data;
  • The right to withdraw your consent to the processing at any time, where consent was the lawful basis for processing your data;
  • The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), where applicable i.e. where our processing is based on consent or is necessary for the performance of our contract with you or where we process your data by automated means);
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to our processing of personal data, where applicable i.e. where processing is based on our legitimate interests (or in performance of a task in the public interest/exercise of official authority); direct marketing or processing for the purposes of scientific/historical research and statistics).

If you wish to exercise any of the rights set out above, please email

No fee required – with some exceptions

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

  1. Changes to this notice and your duty to inform us of changes

This version was last updated on 17.07.2018 AND historic versions are archived AND can be obtained by contacting us.

From 25 May 2018 there will be changes in data protection laws and we will then be able to respond to some of your requests (for example, a request for the transfer of your personal data). We are still working towards getting our systems ready for some of these changes.

Please keep us informed if your personal data changes during your relationship with us. It is important that the personal data we hold about you is accurate and current.

  1. Queries, requests or concerns

To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact our DATA PROTECTION OFFICER

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England, UK.

Markel Law LLP owns the copyright in this document.